I was reminded by a CISO today that XP is still widely used in networks that, for instance, are simply used to manage surveillance camera systems, and that don't go through the same refreshes that desktops go through.

Whoopty, I think there is more reason to fear than you suggest, especially those in offices. If the Target data breach teaches us anything, its that the defenses of enterprises handling millions of valuable records are only as good as their weakest links. While a worker can say, "Hey, it's the company's/agency's machine," the fact remains, those machines still using XP will now become an open invitation to hackers. I'm willing to bet the damage and/or cost of mitigation that will arise from hackers exploiting XP machinces will exceed what it would have cost to upgrade to Windows 7.

I think the days of the general public being "scared" of computers and what they can do died after the Y2K non-event. While they should still be wary, I think you're unlikely to find any real fear surrounding the Xp switchoff, because those that use it privately can upgrade without too much difficulty - for the most part - and those in offices, well it's not there machine is it?

Given the shift to more risk-based security practices, one would think that the XP problem would have gotten the kind of attention Y2K generated, and agencies would have found the money. But unfortunatley, internal politics surrounding key agency programs, and their funding, often wins out over the legitimate cries from the IT department.

Procrastination, or the effect of budget cuts? XP is HOW old? Do you think IT specialists in civil service haven't been begging for money for upgrades for years? As long as no one wants to pay taxes, or fund the government, of course it will not perform to expectations. Chalk it up to the "deferred maintenance" aka "I left my check book in my car, I'll be back in a few minutes" policies demanded by certain crowds.

It seems illogical that agencies would take the risks of not switching off XP. But when managers are being told there's no money for equipment/software upgrades, all IT can do is say I told you so when the hackers get through.

As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.